IT Spotlight

Apple recently announced that there are a limited number of 13-inch MacBook Pro (non-Touch Bar) laptops from 2017 and 2018 that have defective 128GB or 256GB solid-state drives. Apple suggests that to avoid data loss, these drives be replaced as soon as possible. They have a website to determine if your laptop is affected, see 13-inch MacBook Pro (non Touch Bar) Solid-State Drive Service Program. Enter your serial number to see if the laptop requires repair.

If Apple’s website indicates that your system is affected, IT User Support recommends that you do the following:

Ensure that you have a backup of your computer. We recommend using Berkeley Lab IT’s enterprise backup solution, Druva inSync, but there are other options available.

Entering a help ticket by clicking here: REQUEST HELP. Berkeley Lab IT has a contract with an authorized Apple repair service. There will be no charge for the repair, but there may be some charges for the procurement and shipping.

Alternatively, you can take your system to an Apple Store location to get it repaired at no cost. A Genius Bar appointment is required.

If a loaner computer is needed while your laptop is being repaired, please indicate this in your help request.

Zoom has identified a vulnerability in its Zoom Meeting Client for Mac, Windows and Linux. This vulnerability is pretty bad, we believe it’s worth you taking the time to upgrade. The vulnerability could enable execution of unauthorized Zoom commands like spoofing chat messages, hijacking screen controls and kicking attendees off calls and locking them out of meetings.

To address this issue, Zoom has released updated Zoom Meeting Clients for Mac, Windows, Linux, iOS, and Android. Make sure your client is one of these versions:

Windows: 4.1.34460.1105 or higher

Mac: 4.1.34475.1105 or higher

Linux: 2.5.146186.1130 or higher

IOS: 4.1.18 (4460.1105) or higher

Android: 4.1.34489.1105 or higher

What you should do:

Zoom users should download and install the most recent version of the Zoom Meeting Client. The update is available here: https://lbnl.zoom.us/download.

Why would this article be featured in IT Spotlight? The Green Gaming Project was a collaboration between Science and IT. Evan Mills and Norm Bourassa, senior scientists from the Building Technology and Urban Systems Division, worked together with a group of avid gamers from the IT Workstation Support Group to measure the energy consumption from gaming systems. This project and IT’s Jimmy Mai’s involvement were recently highlighted in Mother Jones, Video Games Consume More Electricity Than 25 Power Plants Can Produce.

The story began when Evan Mills brought in his MacBook Pro to be repaired by the IT Workstation Support Group. Evan shared his story about measuring energy consumption on his son’s gaming PC. The IT technicians, some avid gamers, engaged in the conversation and were curious about his work. One thing led to another and Mills found a group of willing participants in his project. He had IT staff designing, procuring, configuring, testing and monitoring gaming systems plus the development of server and client software to track GPU consumption since it was not available in the open market. The Workstation Support Group became the one stop shop for Mills and Bourassa and this project became the dream job for Desktop Systems Specialist Jimmy Mai, the lead tester on the project. It was a win-win for the Lab.

If you use a high-powered gaming computer or console, you might want to consult the project results to see what you can do to reduce your carbon footprint, check out http://greengaming.lbl.gov.

Operations computers are managed by the IT Workstation Support Group under the Operations Desktop Support (ODS) program. At this time Operations Mac users cannot install the latest macOS, Mojave. We are currently blocking this macOS until we can confirm that all standard ODS software is compatible with the upgrade. Test results indicate that all software works except for Spirion, a Personal Identifying Information (PII) removal tool. We are waiting on the vendor to release an update. Delivery date not yet published. Once a Spirion update is provided, ODS Mac users will be able to download and install Mojave.

For non-Operations users, always approach major operating system upgrades with caution. Users should always verify:

Hardware compatibility

Application compatibility

Backup capability

RoaringApps (https://roaringapps.com/), a crowd sourcing website provides information on application compatibility with operating system versions. All Mac users should ensure they have a backup of their system before doing any kind of update to minimize downtime if the upgrade fails.

This year a pilot program between IT and Berkeley Lab Property Management used BigFix in the Lab’s Wall-to-Wall inventory campaign to certify the existence of a DOE tagged asset. Any DOE-barcoded system running BigFix and present on the LBL network can be automatically verified for inventory purposes, without the barcode being scanned. This saves property reps and staff time normally spent digging through closets and desk drawers for missing laptops. There are currently over 3500 DOE assets accounted for in BigFix. Manual scanning of barcodes has become a thing of the past.

During the pilot it was discovered that there are many systems in BigFix whose serial numbers do not match any records in Sunflower. Some of these were the result of data entry errors, but there are still some computers that have serial numbers which are unable to reconcile with Sunflower. As a result, Berkeley Lab IT will begin an on-going campaign to request help from users to tag their systems by providing the DOE number.

Users logged into affected computers will see one of the following windows:

We’ve all heard the stories about major data breaches at some of the largest online businesses. 3 billion Yahoo customers had their usernames and passwords compromised leaving those users vulnerable to hackers. Target was breached in 2013, exposing the information of 41 million customers.

A strong password is no longer enough to protect you and your data. Multi Factor Authentication (MFA) provides a second layer of security beyond your username and password. Think of it this way: your username and password are “something you know.” MFA requires both “something you know” and “something you have.” At Berkeley Lab, the “something you have” is a physical token that will generate a unique one-time password (OTP). Under MFA, a hacker who has your credentials still can’t access your account, because they lack “the something you have.”

Berkeley Lab has implemented MFA protection for your Berkeley Lab Identity. As a computing best practice and to help protect you against credential theft, you can choose to add MFA protection for your Single-Sign-On (SSO) logins, such as Gmail, Google Calendar, Google Team Drive, LETS, HRIS, etc.

Commons contains user-contributed content and
does not represent the position or endorsement of the Laboratory, DOE,
or the University of California. Your use of this site is subject to
our security and privacy policies.

A U.S. Department of Energy National Laboratory Operated by the University of California